Setting up an SFTP Server on Windows (Server) with OpenSSH (using Microsoft's port of OpenSSH)
Вставка
- Опубліковано 25 кві 2020
- Often times we'll need to integrate two systems by transferring CSV files between them. The de facto file transfer protocol in this case is SFTP. When we are on Unix based systems the choice of SFTP servers is a no brainer - OpenSSH. However, until recently, on Windows we didn't have the option of using OpenSSH (except for maybe using Cygwin). That changed when Microsoft ported OpenSSH to windows.
In this video, I want to show you how to setup an SFTP server on Windows using OpenSSH.
Microsoft's port of OpenSSH can be found at:
github.com/PowerShell/Win32-O...
Text based instructions for setting up OpenSSH can be found here:
github.com/PowerShell/Win32-O...
The steps in this video have been tested on Windows Server 2016. The instructions for Windows 10 will different slightly e.g. in opening up the firewall. Consult the text based instructions for more details.
NOTE: If you're getting "Permission denied (publickey,keyboard-interactive)" errors have a look a my follow up video where I explain how you can go about troubleshooting this: • SFTP Server on Window:...
While not necessary, if you enjoyed this video, buying me a coffee is greatly appreciated!
www.buymeacoffee.com/prodprog... (no refunds) - Наука та технологія
Please do subscribe if you found this video useful.
Also, do let me know what other topics you would like covered in future videos.
Hi sir it helped me lot to setup SFTP server.
I do have a question you have set chrootdirectory to incoming folder and when you login you are able to see the text file. But my question is I want to see the incoming folder when I loged in using winscp or filezilla. Is that possible?
@@sunilitagi8807 I replied your other comment, let me know if you are having any issues.
Thank you so much, this is EXACTLY what I was looking for.
Excellent tutorial. I was able to modify what you taught me to create a SFTP server in Azure with multiple users.
Very well done. A bit fast, but I think that was needed for how much there is to cover. I also really appreciate how you described what your commands did as you typed them. Good luck and stay healthy/safe.
Glad you enjoyed it!
Thank you so much for this, it is exactly what I was looking for!
Thank you Sir.. this is exactly searching from long time.
superb man! would love to see more informative videos.
Thank you! what exactly I wanted. Nice and clear explanation.
Thank you so much.it helped me a lot to set up SFTP. Please create some more descriptive videos on its different possible configurations in the config file.
This helped me big time!!!! Thanks for this upload.
Excellent .. I was trying to find the correct process for two months and your same my job. Not sure how to thank. All the very best
Glad it helped
Thank you very much for this video, was extremely helpful for me as I've never setup OpenSSH/SFTP. I did want to note for others, MAKE SURE you're in C:\ProgramData\ when adjusting the config file, I was adjusting the C:\Program Files config for an hour or so wondering why I couldn't lock down root access.
Hi I have been setting up an sftp server for the last 2 weeks and your video has really helped
Glad to be of help
Really useful video! Thank you for sharing knowledge.
Well done Sir, an excellent example well executed. Thank you.
Thank you, please do subscribe.
Thank you so much for awesome video , great explanation, this is exactly what I was looking for.
Thank you, please do subscribe to the channel if you haven't already.
Thank you so much, you saved me hours of troubleshooting.
Thanks, found this very helpful.
your video helped me a lot, tanks you have a new subs
This is very useful. Thank you!
Thanks friend, your video helped me, greetings from Brazil.
Great to hear, please consider subscribing
What a great explanation, thanks a lot!
You saved me :)
I did this installation step by step for the one of the Global company I do provide consultancy and I just want inform other colleagues these:
If you get an "Connection Closed (WSARecv error in .ssh\logs file)" error message after 16:07 sftp username@localhost step;
You can add OpenSSH folder path to the Environment Variables path section.
- run sysdm.cpl via Run
- At the Advanced tab Click Environment Variable
- Edit the Path section and add your C:\Program Files\OpenSSH path as well via the Browse option, and try again, solved.
Thanks for sharing!
Thanks for this - very helpful. I did get a permission denied error when first trying to connect, this was due to the security permissions on the authorized_keys file. If any other user has read/write access to it you must remove them.
Thank you, a great tutorial, really helped.
Glad it helped!
Thanks, I had some issue, but with DEBUG3, I was able to solve it :)
thanks, worked perfecly
thanks , this is exactly i was looking for
Glad to hear it.
great tutorial. thank you.
Hello, thanks! It was perfect
That really helped a lot !!
Thank you! Please do subscribe if you haven’t.
You can find SSH Server under Apps and Features - Optional Features.After that the binaries are under:
c:\windows\system32\Openssh
Thanks help me soo much
really helpful..!
Muito obrigado!
thabk you so much!!!
Great Video! I do have a question about the way users connect: Is there a way to change the host name to an Alias or something different? I don't want my external users to use the server name to connect.
*Face palm* This is done by configuring the port on your firewall and security groups and creating a DNS record for your external address to the DNS (external). This had to be configured by a higher level tech at my company so I didn't put two-and-two together.
Hello Sir,
Great Tutorial. easy to follow and very informative. Thank you.
I've one question regarding authentication though! I've to provide the user credentials to another (remote) party to update data on the incoming folder. depending on the working conditions the remote party may use different devices to access the folder. So far in your example we had to add the remote party's public key into user1's autorized_keys files. Is there are way to let the remote party to login without this restriction and simply using the user1's credentials?
Thanks again.
Hello, skip the step where I set PasswordAuthentication to "no". That should do the trick.
@@ProductivityforProgrammers thanx, it did the trick.
thank you
One more question, Is there a way where I could send files using from a remote VM using WinSCP to this machine with OpenSSH??
WinSCP supports SFTP so I don't see why not.
Are you having any issues with this?
Thank you
thanks . Very useful information.
From what version of windows is openssh ported?
You can view the versions available here - github.com/PowerShell/Win32-OpenSSH
can network location be given in sshd_config file ? I want files to go on mapped network drive on ssh server
If it's a mapped network drive, meaning it has a volume assigned to it like F:\, then I don't see why it wouldn't be possible. However, I haven't tried it out myself.
@Productivity for Programmers I can successfully access the SFTP with local account. However, when I try with domain accounts, it's faling. Could you please suggest what should I check?
I'm not aware of how to fix this as well. I'll test this scenario out and will possibly do a follow up video.
GREAT. tysm!!!!!
Thank you, please do subscribe
Hi there ;) I have a little question:
Situation that you have many folders and many users to see this folders.
I try with Match Group, and works.... but if you have other folder with the some user ...in my case only matchs the first line.
Have any solution for this cases.
thank you
Would you be able to share the relevant snippet of your config file
Thank you for this detailed tutorial I have followed the steps but getting stuck at 16:48 where it lists the files in the users profile and not the ChrootDirectory. I did get the fingerprint prompt. I am doing this on Windows Server 2019. Any suggestions?
Even i'm trying do the same on the Azure 2019 but i got the fingerprint prompt but is prompting for password and When i connected with local user i can connect to smtp %USERPROFILE% even thought i have updated the sshd_config file with ChrootDirectory "c:\incoming"
I haven't tested this on Windows 2019. I don't have any ideas about why it would be different.
Let me know if you figure it out.
I don't have the need for Windows 2019 in my environment yet -- but I'll make a note of this when I finally upgrade.
At 16:47 what did you put in as the fingerprint? You typed something, but I don't know what you typed? (I don't know what a fingerprint is)
I typed "yes" to accept the fingerprint. The fingerprint is a short piece of text that uniquely identifies a key.
If i want to restrict sftp user from running rm rmdir command then what need to do..?
Thanks for your question. I don't have the answer because I haven't had the need for this yet.
when I try to connect using the sftp user@localhost command, it goes through but it doesnt change the cmd to sftp, it just stays as the current directory. I also cant connect using filezilla. Can someone help me?
What do you mean by "doesnt change the cmd to sftp". What is the error that FileZilla is displaying?
Hi, Thank you very much for this video. It is very helpful really appreciate. I did everything as per the guidance, but I am having an error of 'connection closed' while connecting to the sftp server from another client. I tried disabling firewall, adding a port 22 rule and folder permission. Do you have any idea about how to fix it or what goes wrong?
Hello! Can you watch the follow up video I did - ua-cam.com/video/YBiQXkknubc/v-deo.html and see whether logs gives you any useful information.
I received the same error. Did you ever figure it out? Thanks.
Hey it’s a great video for deploying sftp in windows server . I do have a question how do I restrict other users for sftp public access pls advice .
Do you mean that there are multiple users on your Windows machine but you only want some of them to be able to access their folders through SFTP?
@@ProductivityforProgrammers Thanks for replying , Yes at the moment admins can also able to list the folders , I want Just sftp user only able to access and list.
@@RajaSekar-ez2ul I haven't tried this myself but I would look into using the DenyGroups directive to block the admin users from accessing.
Thanks for the great tutorial, it certainly have helped lot. However at some point some of us would get Permission denied (publickey,keyboard-interactive) usually after we try to connect using app or winscp (we load our private key in winscp and put our public key in authorized_keys). After the failure using winscp, it will never recover even u generate the keys again at server.
Logs
524 2021-04-18 20:21:03.350 Authentication refused.
524 2021-04-18 20:21:03.350 Failed publickey for ftpuser from 127.0.0.1 port 50179 ssh2: RSA SHA256:CxUWTS2/lpAQln1EwEvkNSrOnxg+nW3FGxjCzOLogvo
524 2021-04-18 20:21:03.381 Connection reset by authenticating user ftpuser 127.0.0.1 port 50179 [preauth]
For me i need to remove the user and redo again till screwed up again by other app. I have been working it for hours :(
I think I might know the reason, can you try changing the log level to DEBUG3, you might see from the logs that SSHD doesn't like something to do with your folder permissions for your user's home directory.
Hello, great video ..I have two questions please.
1) How can I allow AD authentication for users? So I would not have to set up a password for them.
2) If AD authentication is not possible, I notice that users only have access to the sftp, ONLY when they belong to the administrators group on the server. Can this be modified?
Hi Navin, I haven't explored the pairing of SSH and AD.
Are you getting any specific errors when you configure non-Administrators as SFTP users? I don't see why this would be an issue.
Thank you for this great tutorial. Every thing works just fine without integration of any third party! One question: Is it possible to replace user1 with the already existing user instead, and if so how to manage that ? Many thanks in advance.
Yes, definitely.
1.) Create the authorized_keys file in the user profile directory of the existing user.
2.) Replace "user1" with the existing user's username in the sshd configuration file.
3.) When you sftp, use the username of the existing user.
@@ProductivityforProgrammers I'm not following with these instructions. Could you please explain more in depth? When connecting to the server via winscp I am only able to view user1's files
Have you figured out how to do this yet? I am struggling with the same issue
I have not tried myself yet, so please tel me if it works, so please tell me if it works for yoyú@@tykersey8299 1.) Create the authorized_keys file in the user profile directory of the existing user.
2.) Replace "user1" with the existing user's username in the sshd configuration file.
3.) When you sftp, use the username of the existing user.
16:52 Are you sure you want to continue connecting (yes/no/[fingerprint])?
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
user2@localhost: Permission denied (publickey,keyboard-interactive).
It should work if you copied the public key from the client to the authorized_keys on the server.
Do you see anything in the logs.
Hi,
Thank you for the video. I am getting the below error. Can you let me know what is the reason?
C:\WINDOWS\system32>sftp newuser@localhost
Connection reset by ::1 port 22
Connection closed
Hello, have a look at the follow up video I did. It might give you some hints on how to troubleshoot this.
pls any one help me how to access one user to more directory
I would look into tweaking or removing the ChrootDirectory. Let me know if that works for you.
First of all, thank you for this video. This has cleared 90% of my doubts. It's a great video explaining everything.
Thanks to you, I successfully created an sftp server on my laptop. I need to connect to that sftp server via Data Factory. But I get a TimeOut error. Can you do a video on setting up an sftp linked service in Azure Data Factory, please?
Thank you for the suggestion. Will look into it.
Just off the top of my head, how are they accessible to each other? Is it through VPC peering or is the SFTP server on a public IP?
@@ProductivityforProgrammers SFTP server on a public IP hosted on my laptop.
So, I got it working but I had to create another Self Hosted Integration Runtime on my local machine. So, like I have 2 Self Hosted IRs, one of which (not on my machine) throws a SocketError TimedOut (I don't know why) and the other IR(on my machine) works perfectly fine.
Can i create a remote user to have only read access?
I'll get back to you, I have hadn't the requirement yet so I need to test it out.
i did all the steps. but i getting error connection closed. unable to open sftp
Hello, Are you still having issues? Not much information to go on here, but did you remember to restart the service?
I have a question. What if I already have a user on my computer how am I going to set a password for that user?
You don't have to, just login as the user and modify the authrorized_keys file to add the public key.
Sir can we add this folder to Active Directory group or access can provide from AD users single
I can't help much here as I'm not that familiar with Active Directory.
Thanks Sir
How can I configure many users to log in sftp? I tried to make it, bu I cant. Could you help me?
In my scenario, I wanted to explicitly map users to folders e.g. user1 to "Incoming" folder.
If you just want users to be able to access their own folders I think you can just omit the "Match User" directive (and the ChrootDirectory under it) and then when the user logs in they'll just see their home directory.
Let me know if it that works for you.
@@ProductivityforProgrammers Really. I would like to do, it was create a group and to make member of this, available logon in the same directory. How can I do it?
@@cloudcomputing3019 I haven't had the need for this myself so I haven't tried it out yet -- but try using "Match Group" with the name of your group instead of "Match User". See whether that works.
Any help on this - after I put in my password logging in to SFTP I imminently get "connection Closed". Windows 11
Hello, Can you have a look at the ssh server logs and see whether there are any hints? Try increasing the logging level as well.
Use this as guidance - ua-cam.com/video/YBiQXkknubc/v-deo.html
@@ProductivityforProgrammers Thank you so much! All i did is add the higher level add LogLevel DEBUG3 and I could login. Not sure why that worked. Also I was able to copy files into the windows directory once I logged into SSH localhost. I don't believe I want that to be able to happen, any ideas since I did put in ForceCommand internal-sftp
Match User cch1
ChrootDirectory "c:\Incoming"
Hi did you have any guide to create public and private key
Not yet, might make that a topic of. a future video though.
@@ProductivityforProgrammers thank you very much
14:50 my error stays and I have changed the "y" missspelling
Hi, did you solve your problem?
My mistake is usually forgetting to restart the service after changing the file.
@@ProductivityforProgrammers solved.
Hello
A friend tryed to connect to the IP but got timed out eveytime.
Can somebody help?
Try two things:
- Can you ping the IP address from the remote computer
- Can you telnet to the SSH port from the remote computer
Thank you, i gonna try it later 👍
This a really great video! wow!
I can do everything righ untill 20:29 ... but then, I try connecting to the sftp server from a linux machine by typing "sftp user@ip" and I get timed out ... can you help plz ? is there a particular setup for the machine that is trying to connect ? thank you very much :)
Did you resolve your issue? I don't have enough information to go on can you try to:
1.) Check the sshd logs
2.) Try to telnet to the port to see whether it's a firewall issue.
3.) Are the machines in the same network or are you trying to connect across the internet? If you are trying to connect machines across the internet, make sure that either the machine has a public IP OR that you have done the necessary port forwarding at your router OR that you are using a VPN (I would recommend the VPN approach).
@@ProductivityforProgrammers I had a similar problem. When i try to connect the keys are getting exchanged and the fingerprint is shown i get:
user1@localhost: Permission denied (publickey,keyboard-interactive).
Telnet sais the port is open.
Here is what the log file sais:
1080 2021-04-19 13:56:56.599 Connection from ::1 port 50085 on ::1 port 22
1080 2021-04-19 13:56:56.630 Authentication refused.
1080 2021-04-19 13:56:56.630 Failed publickey for user1 from ::1 port 50085 ssh2: RSA SHA256:FWqOcE0/XEIjrUf+ZfGpHxqfyD/Wq8aJ/3/YZu3omEA
1080 2021-04-19 13:56:56.630 Connection reset by authenticating user user1 ::1 port 50085 [preauth]
I am also not using the github version rather than the one in Apps and Programs
"C:/Windows/System32/OpenSSH"
@@kartoffelbrei8090 Try setting the log level to DEBUG3 and check the SSHD logs . I encountered a similar problem recently and it was due to SSHD not being happy with the ACL of the user's home directory.
The log will say something like: Bad permissions. Try removing permissions for user: XYZ on folder ABC.
@@ProductivityforProgrammers Nvm i accidentally deleted my Windows User profile and cant log in any way.
F
And now i am back to the Wing FTP free trial. Thank you tho. Ill try again if i ever have masochistic tendencies for Windows servers again.
I want to know if I change the log to local, what is the path to check
Try:
C:\ProgramData\ssh\logs\sshd.log
@@ProductivityforProgrammers thanks
hi I an using an App called “Documents” on ios, I have the option to choose a “private key” file, but I dont know what private key I should provide, so I continued, and it shows that I do not need to provide any key, as long as I have a valid username and password, I was able to connect to my sftp server.
Does this mean that my connection is unsecure?
If you're following the steps in the video, I disabled password authentication, so this should have not worked.
However, if you're asking in general, then verify whether an invalid password will let you access. If it doesn't, then you're fine.
In the video I suggested using a key and disabling password based authentication because people don't always use good passwords.
@@ProductivityforProgrammers oh ok I understand now.
Using an invalid password does not allow me to connect. Like I must use a valid username and password that is added to my windows 10 system.
So even without needing to use the private key, using only username and password, my connect is still over ssh and secure?
@@jyuseries8313 You're still using SSH just with password authentication.
I followed your procedure to install the OpenSSH. It only worked using the command window to login and upload a file. But in my Java app, the connection failed with the following stacktrace:
com.jscape.inet.sftp.SftpException: cause: java.util.NoSuchElementException: no common elements found
at com.jscape.inet.sftp.SftpConfiguration.createClient(Unknown Source)
at com.jscape.inet.sftp.Sftp.connect(Unknown Source)
I used same user Id and password that I set up in the installation.
Sorry, I'm not familiar with that SSH library.
@@ProductivityforProgrammers It turned out that the jscape Java version that I was using was outdated and thus it could not make any sftp connection to the newer OpenSSH server on my PC. I had to swap it out with another sftp Java interface that utilizes the latest key exchange algorithms and cipher settings to make the connection. So, your instructions for installing the OpenSSH is still applicable to Java clients as long as the right version of Java sftp interface library is used.
Tthank you, I was able to configure sftp and send files however when trying to sftp to the server the next day, I got the below issue; How can I resolve it?
connection reset by port 22
connection closed
Thanks in advance.
Try verifying the following:
- the service is still running
- the firewall rules are still in place
@@ProductivityforProgrammers thank you, the OpenSSH SSH server service is running. I started the service for OpenSSH authentication Service and tried to sftp from a remote machine but still facing the below issue,
connection reset by port 22
connection closed
@@nehasharon5491 When you SFTP from the host itself, does it work?
How do I access the SFTP Server over the internet without security risks? Is it safe to port forward 22?
I wouldn't recommend it.
If you have a small enough user base try using an easy to setup VPN like Hamachi.
@@ProductivityforProgrammers thanks! i just fixed my problem. coincidentally i also used a vpn. it's called zero tier i think its similar to hamachi. maybe u could do a tutorial on how to access servers from outside your home network (internet) for a proper demonstration!
16:37 Once i put sftp EWFTP_BO@localhost, it gives me the error --> 'sftp' is not recognized as an internal or external command,
operable program or batch file.
Could you please let me know how can we fix it ?
Refer to the part where I set the "PATH" environment variable.
@@ProductivityforProgrammers when i put sftp EWFTP_BO@localhost, it takes forever, and does not comes back now ? Please help. Not sure why its taking forever. I followed all your steps, and everything went fine without any error
@@ProductivityforProgrammers i have like 20GB of data in the incoming folder. Could that be the reason its taking forever ?
i used D drive , instead of C drive as our landing zone, does that makes any difference ?
after so long time the finger print option came and i hit "Yes" and then it showed
Connection reset by 127.0.0.1 port 22
Connection closed
Hi sir, can we use putty
I'm not sure about Putty but if you want to use a graphical SFTP client try using WinSCP.
Hello,
Thanks for the helpful sftp config.
I finished all the config but when I tried to sftp I got an error as shown below. Please advise::
C:\Windows\system32>sftp sftpuser@localhost
kex_exchange_identification: banner line contains invalid characters
Connection closed.
Banner has default value "none" with # at the beginning
I'm out of ideas here. Did you figure out the reason?
Hello, Have you found a solution to this issue ? Will be glad to hear from you!
Just make sure the Folder of Path has the permission for the User.
How to allow Sftp but disallow Ssh in Server22?
Are you able to get an SSH shell?
My understanding is that the ForceCommand directive should prevent that.
How to do so? Tried different ways but seems failed. Tks
Try using:
ForceCommand internal-sftp
Let me know if that doesn't work for you.
Permission denied (publickey,keyboard-interactive). Connection closed. The only way it works for me is when PasswordAuthentication set to yes.
I would double check that I created the authorized_keys file correctly and copied the correct public key into it.
Also, see whether the logs have any useful information.
Hello, Have you found a solution to this issue ? Will be glad to hear from you!
Hi sir it helped me lot to setup SFTP server.
I do have a question you have set chrootdirectory to incoming folder and when you login you are able to see the text file. But my question is I want to see the incoming folder when I loged in using winscp or filezilla. Is that possible?
@Productivity Tools for Programmers sir any update please
The easiest way is to put "Incoming" inside a parent directory e.g. call it "c:\SftpRoot" and then ChrootDirectory into "C:\SftpRoot" instead.
@@ProductivityforProgrammers sir thanks for replying .
I have a scenario where I have 2 users A and B I have created the root folder F:\sftrproot inside that I have created the folders A And B
I have chrootdirectory to sftproot.
When I loged in with A user credentials
using filezilla I am seeing both A and B folders which I don't want to , what I am exactly looking is when user A login he should see only his folder named A and should not see folder B.
Please help me with this
@@sunilitagi8807
Try this:
Match User usera
ChrootDirectory c:\SftpRoot\usera\
Match User userb
ChrootDirectory c:\SftpRoot\userb\
Then within, the usera and userb directories create the directory structure that you need for that user.
Let me know whether that works out for you.
@@ProductivityforProgrammers hi sir.
I am able to connect to it. But my request is if I login to usera account then I should see usera folder first In filezilla and later after double clicking the usera folder I shoud see sub folders.
i have no files on my ssh directory on 10:34
I'm pretty sure those files are created when SSHD runs for the first time. Can you verify that SSHD was able to start?
When i set passwordAuthentication to NO, i cant connect anymore. It cant match public key. How does it come we got exacly same set config but it doesnt work ? Any idea ? :C
Did you solve your problem? Any information in the logs?
@@ProductivityforProgrammers Hi ! In logs i cant only see client has disconnected. It looks like permissions issue. I cant use linux etc. I made permissions in VM and it worked. Seems like something its blocking on client server. It is also inside VPN. Maybe this is vpn issue or something :/
@@michawojtaszek8499 I'm out of ideas, please share the root cause if you manage to figure it out.
@@ProductivityforProgrammers well in the end it comes to windows permissions on pk. This is so confiusing, their repair .exe created me a hell. I had to remove even admin permission. Well i have learn admin != administrator :x im still noob
super noob here--does this work for people outside of my internal network? What steps do i need to take to let people outside of my home network connect via SFTP?
No, it won't. You have two options:
1.) Setup port forwarding at your router.
OR
2.) Setup a VPN e.g. Hamachi
@@ProductivityforProgrammers i can easily open port 22, what else do I need to do?
@@joshlee35 It's router specific, but look for some settings in your router dashboard related to "port forwarding". I wouldn't recommend this approach to be honest. If you only need a few users to connect to your SFTP server, consider the VPN approach first.
@@ProductivityforProgrammers thanks, I'll do some research on that topic. can I reach you on any messaging services or something like that? I'll definitely have further questions
@@joshlee35 I prefer to keep the discussion here. Feel free to ask any questions. I am usually on UA-cam a few times a day.
Excellent Video however you still logging as a user1 from remote machine , not as uploaduser .
Yes, you are right. That's the intent of the example, to allow a remote user to access the machine as user1.
Hello , thanks alot for your channel and its really helpful,
here am facing an issue... see password auth is working but soon i enable the passwordless its not woring fro unix to windows .. the remore pub key has been added to the the authoozed_key store ... getting the below errors.. can u please suggest on this ..
[user@****done]$ sftp user@testserver
Permission denied (publickey,keyboard-interactive).
Couldn't read packet: Connection reset by peer
[user@**** done]$ sftp testserver
Permission denied (publickey,keyboard-interactive).
Couldn't read packet: Connection reset by peer
[user@**** done]$ sftp sftpuser@testserver
Permission denied (publickey,keyboard-interactive).
Couldn't read packet: Connection reset by peer
Hello, sorry I missed your question, did you manage to resolve your issue?
I did a follow up to this video because many people were reporting similar issues:
ua-cam.com/video/YBiQXkknubc/v-deo.html
Let me know if that helps.
I am keep receiving Permission denied (public key error). When I further analysed I got to know if any user accessed the local user or its .ssh it's throwing this message. I also found if any user except administrator or my local user access the .ssh, this error is appearing. How I can restrict other users accessing my user or .ssh folder.I am in critical deliver of this project where I m stuck now and not able to progress. Please help me asap. Also can you provide me your email address I will send you screenshot. Please assist urgently
Hello there are you still experiencing this issue. A few clarifying questions:
a.) When you are modifying the .ssh folder of that user are you logged in as that user?
b.) After you have added the key to the user's ssh directory e.g. "bob" are you accessing the sftp server as bob@hostname?
@@ProductivityforProgrammers
A.) I can logged in using the user through which ssh key is generated but the problem is that when I setup .ssh it's showing me 2 user id in Security group. One is administrator and another is my local user but my problem is couple of users are added in administrator group. They are not present in security group in first instance but if any of the user part of administrator group access the .ssh folder then that user gets added into my security group and then my local user id SFTP connection is broken with error as 'permission denied'. If I remove that user from secuirty group them my connection is again started working. So the connection is only accessible to administrator user nd local user but and I want to know how to either restrict to other users ok or how other user can access nd my connection also should not get broken
@@dswapnil85 I don't really understand the scenario but this sounds like it might be more advance than the setups that I have done in the past and that I might not have the knowledge to help you.
Microsoft Windows does not have a built-in SFTP server. This video is very helpful, esp. if you are tech-savvy. For many small businesses, it could still be challenging as you need to make it accessible from the Internet, thus you need to properly secure your computer and you need to have a static IP address. It might be easier and better to use a cloud based SFTP server, which can be setup instantly and you don't need to be tech-savvy. Please watch this video:
ua-cam.com/video/iGdBX4F1e-w/v-deo.html
Please don't use this comment area for self promo.
Hi, so I am stuck at around 16:45 , when I type sftp user1@localhostinto the command window of this user I get the following:
C:\Windows\system32>sftp user1@localhost
user1@localhost's password:
Connection closed
I don't know what is causing this and I thought you might be able to help, thanks in advance.
Hello, did you solve your problem? I think the best bet here is to increase the LogLevel, restart the SSH server, try to log in again and then see whether there any hints to help troubleshoot this in the logs.
Thanks so much for the tutorial! I'm running into one problem though, I am immediately disconnected from the server when running sftp, any help would be appreciated. Note, if I comment out #ForceCommand internal-sftp in sshd_config I am able to use ssh, just not sftp.
C:\Windows\system32>sftp -v user1@localhost
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\user1/.ssh/id_rsa type 0
debug1: identity file C:\\Users\\user1/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\user1/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\user1/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\user1/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\user1/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\user1/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\user1/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\user1/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\user1/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_8.6
debug1: match: OpenSSH_for_Windows_8.6 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'user1'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:hT4UxhDQoYC25hARc6GBXsN3uVonz62ag49/SkwE3Jo
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\user1/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\user1/.ssh/id_rsa RSA SHA256:AXOvIT/v1lYiG4VS41HeHQFdaB8Cacjau0ogD8Z6hlM
debug1: Will attempt key: C:\\Users\\user1/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\user1/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\user1/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\user1/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\user1/.ssh/id_rsa RSA SHA256:AXOvIT/v1lYiG4VS41HeHQFdaB8Cacjau0ogD8Z6hlM
debug1: Server accepts key: C:\\Users\\user1/.ssh/id_rsa RSA SHA256:AXOvIT/v1lYiG4VS41HeHQFdaB8Cacjau0ogD8Z6hlM
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([::1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Connection closed
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 3144, received 2924 bytes, in 0.1 seconds
Bytes per second: sent 23371.3, received 21735.9
debug1: Exit status 1
C:\Windows\system32>
I found the issue, the OpenSSH Authentication Agent had an incorrect path.
@@aidan1466 Where was the area to change path?
@@aidan1466 Hi where you changed the path?
Great Video, I am having issues with a remote user though. The remote user is the only public key in authorized_keys file, on connecrion it shows the key passes but the connection does not start, any ideas?
Hello, did you solve your problem? I did a follow up video as well where I showed how you might want to go about troubleshooting issues like this.
Hello, when I try to connect using user1 it says Permission denied. Please help.
Hello, have a look at my follow up video: ua-cam.com/video/YBiQXkknubc/v-deo.html